Blog

Capital One Data Breach Puts Millions At Risk

In this case, Capital One was the target when an unknown individual gained access to the company's servers.

The breach was detected by an independent security researcher, who contacted Capital One on July 19th. Apparently, the hacker gained access via a server configuration vulnerability.

Upon being made aware of the issue, Capital One addressed it immediately, which cut the hacker off from the data. At this time, it is not believed that the hacker has sold the data he was able to collect, but the investigation is ongoing.

While this breach isn't the largest in American history, the scope and scale is still staggering. More than one million Americans and six million Canadians have been impacted by it. That includes more than a million Canadians that saw their social insurance numbers accessed.

In addition to more than a million Canadian social insurance numbers being exposed, the hacker also gained access to some 140,000 American social security numbers and over 80,000 bank account numbers.

If there's a silver lining here, it is the fact that the US Attorney's Office for the Western Distract of Washington said it had arrested a "former Seattle technology company software engineer" in relation to the breach. If that proves to be true, then they apparently got him before he had time to post and sell the data on the Dark Web.

If you are a Capital One customer, or if you've applied for a Capital One card or loan between 2005 and 2019, know that your data may have been among the records compromised.